Focuses on the company’s approach to identifying, assessing, and mitigating risks, as well as maintaining continuity and adherence to regulations.
Questions concerning risk governance, oversight and risk assessment of, as well as contracts with, our subcontractors.
Here you can find information about handling information security responsibility, security personell and assessments.
Questions about anti-malware, anti-virus, network vulnerability scans, software updates and threat management policies.
Information about the handling of incidents, response plans and information security events.
This category gives insight into business resiliancy programs, continuity procedures, disaster recoveries, backups and subcontractor resiliency.
This category tackles all things Compliance: Non-disclosure agreements, code of conduct, conflicts of interest and ethics responsibilities.